danarchy_deploy 0.2.7 → 0.2.8

Files changed (57)
  1. checksums.yaml +4 -4
  2. data/.asdf_versions.json +5 -0
  3. data/.tool-versions +1 -0
  4. data/CHANGELOG.md +9 -0
  5. data/Gemfile.lock +9 -8
  6. data/danarchy_deploy.gemspec +4 -4
  7. data/lib/danarchy_deploy/groups.rb +0 -1
  8. data/lib/danarchy_deploy/services/init/openrc.rb +10 -6
  9. data/lib/danarchy_deploy/services/init.rb +28 -18
  10. data/lib/danarchy_deploy/services.rb +0 -1
  11. data/lib/danarchy_deploy/system/centos.rb +7 -0
  12. data/lib/danarchy_deploy/system/debian.rb +6 -0
  13. data/lib/danarchy_deploy/system/gentoo.rb +83 -23
  14. data/lib/danarchy_deploy/system/opensuse.rb +6 -0
  15. data/lib/danarchy_deploy/system.rb +13 -8
  16. data/lib/danarchy_deploy/templater.rb +1 -2
  17. data/lib/danarchy_deploy/users.rb +50 -42
  18. data/lib/danarchy_deploy/version.rb +1 -1
  19. data/lib/danarchy_deploy.rb +61 -19
  20. data/templates/applications/nginx/domain.conf.erb +38 -0
  21. data/templates/applications/php/phpfpm.conf.erb +19 -0
  22. data/templates/applications/php/user.conf.erb +19 -0
  23. data/templates/applications/wordpress/mysql_user_privileges.sql.erb +2 -0
  24. data/templates/applications/wordpress/wp-config.php.erb +82 -0
  25. data/templates/asdf/asdf.sh.erb +52 -0
  26. data/templates/deploy_template.json +6 -7
  27. data/templates/distcc/distccd.erb +14 -0
  28. data/templates/distcc/hosts.erb +2 -0
  29. data/templates/portage/make.conf.erb +30 -0
  30. data/templates/portage/package.use/bindist +3 -0
  31. data/templates/portage/package.use/documentation +3 -0
  32. data/templates/services/memcached/memcached.erb +40 -0
  33. data/templates/services/mysql/my.cnf.erb +143 -0
  34. data/templates/services/mysql/root_my.cnf.erb +11 -0
  35. data/templates/services/mysql/user_db_grants.sql.erb +33 -0
  36. data/templates/services/mysql/user_db_grants.sql.erb_cleanupUsers +52 -0
  37. data/templates/services/nginx/nginx.conf.erb +48 -0
  38. data/templates/services/php/php-fpm.conf.erb +2 -0
  39. data/templates/services/postfix/localmail.initial_setup.sh +19 -0
  40. data/templates/services/postfix/localmail.main.cf.erb +41 -0
  41. data/templates/services/postfix/mailname.erb +1 -0
  42. data/templates/services/postfix/mailrelayhost_main.cf.erb +33 -0
  43. data/templates/services/postfix/main.cf.erb +28 -0
  44. data/templates/services/postfix/master.cf.erb +124 -0
  45. data/templates/services/postfix/mysql-virtual-alias-maps.cf.erb +5 -0
  46. data/templates/services/postfix/mysql-virtual-mailbox-domains.cf.erb +5 -0
  47. data/templates/services/postfix/mysql-virtual-mailbox-maps.cf.erb +5 -0
  48. data/templates/system/authorized_keys.erb +5 -0
  49. data/templates/system/crontab.erb +8 -0
  50. data/templates/system/dmcrypt.erb +17 -0
  51. data/templates/system/exports.erb +4 -0
  52. data/templates/system/fstab.erb +4 -0
  53. data/templates/system/sudoers.erb +5 -0
  54. metadata +44 -11
  55. data/.ruby-gemset +0 -1
  56. data/.ruby-version +0 -1
  57. /data/bin/{setup → setup-dd} +0 -0
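--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 7e103704d84bcb50319a7f6dae091e4655159c1ee83e0b28ae599280ab1c325d
- data.tar.gz: '084b77c73e50c58af4f38d8cd81be5cdbbcd6923a046b944f3b1c3eafaacb248'
+ metadata.gz: 637fb3a1e9810606d864cbc0acab785194ce1fd101c1d74b1135cda4cf489229
+ data.tar.gz: 8886abdb6002348b7fe4fe1d9b27e90766bfd568b30513d246460b2c2dadd188
  SHA512:
- metadata.gz: b24d195152bfd8ce9e63e946d393f6699c56914e6880b431e5ab93b4c557a292b73f3c6a5c6d21fa35fd3cf70f531daced888e1192bea86f0bcef6947e571b9e
- data.tar.gz: bcf97212adde19fbb712efb9b9864e1f8f26e22370ed5fd0ff435ea1a04cd065d78b9530ee1b2989afd2aadc4c72eeecbdfc67f52b698dd08af0d7ee5d1be930
+ metadata.gz: 1bd45a91ea250c523e7ddaca5f8b06e91f8ebd52ede360389fb612354e383720b316f9652aa94400d6ec1204b02205b3556dcabf47842a17350e04c46389b1e9
+ data.tar.gz: 74283e5e2b7ee9d6d3abb15791fc9a742c1e8329eba28d680185380e4682799749b13c848923f3c6b77b2c9ed3fa8585f3f8b0619289aecd11eae363737f9e12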
@@ -0,0 +1,5 @@
1
+ {
2
+ "ruby": [
3
+ "latest:3.2.2"
4
+ ]
5
+ }
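--- a/data/.tool-versions
+++ b/data/.tool-versions
@@ -0,0 +1 @@
+ ruby 3.2.2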
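--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,3 +1,12 @@
+ patch_0.2.8
+ - Switch support from RVM to ASDF
+ - users.rb: use Templater to handle authorized_users and sudoers
+ - danarchy_deploy.rb: ignore WARNs in gem install
+ - danarchy_deploy.rb: use sudo -i to load environment
+ - Templater: add builtin templates
+ - Gentoo: wait_for_sync
+ - System::Init: OpenRC runlevel support
+
  patch_0.2.7
  - Patch Templater ERB.new for Ruby versions higher than 2.6
  - Allow builtin:: templates in Templater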
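--- a/data/Gemfile.lock
+++ b/data/Gemfile.lock
@@ -1,26 +1,27 @@
  PATH
  remote: .
  specs:
- danarchy_deploy (0.2.6)
+ danarchy_deploy (0.2.8)
  danarchy_couchdb (~> 0.1)
- mongo (~> 2.17)
+ mongo (~> 2.20)
  
  GEM
  remote: https://rubygems.org/
  specs:
- bson (4.14.1)
+ bson (5.0.1)
  danarchy_couchdb (0.1.3)
- mongo (2.17.0)
- bson (>= 4.8.2, < 5.0.0)
- rake (13.0.6)
+ mongo (2.20.1)
+ bson (>= 4.14.1, < 6.0.0)
+ rake (13.2.1)
  
  PLATFORMS
+ ruby
  x86_64-linux
  
  DEPENDENCIES
- bundler (~> 2.3)
+ bundler (~> 2.5)
  danarchy_deploy!
  rake (~> 13.0)
  
  BUNDLED WITH
- 2.3.9
+ 2.5.11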
@@ -28,10 +28,10 @@ Gem::Specification.new do |spec|
28
28
  spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
29
29
  spec.require_paths = ["lib"]
30
30
 
31
- spec.add_dependency "danarchy_couchdb", "~> 0.1"
31
+ spec.add_dependency 'danarchy_couchdb', '~> 0.1'
32
32
 
33
- spec.add_development_dependency "bundler", "~> 2.3"
34
- spec.add_development_dependency "rake", "~> 13.0"
33
+ spec.add_development_dependency 'bundler', '~> 2.5'
34
+ spec.add_development_dependency 'rake', '~> 13.0'
35
35
 
36
- spec.add_runtime_dependency "mongo", "~> 2.17"
36
+ spec.add_runtime_dependency 'mongo', '~> 2.20'
37
37
  end
@@ -18,7 +18,6 @@ module DanarchyDeploy
18
18
  end
19
19
  end
20
20
 
21
- # [groupadd_result, groupdel_result]
22
21
  deployment
23
22
  end
24
23
 
@@ -3,9 +3,10 @@ module DanarchyDeploy
3
3
  module Services
4
4
  class Init
5
5
  class Openrc
6
- def initialize(service, options)
7
- @service = service
8
- @options = options
6
+ def initialize(service, runlevel, options)
7
+ @service = service
8
+ @runlevel = runlevel
9
+ @options = options
9
10
  end
10
11
 
11
12
  def status
@@ -58,13 +59,16 @@ module DanarchyDeploy
58
59
  end
59
60
 
60
61
  def enable
61
- cmd = "rc-update add #{@service} default"
62
+ cmd = "rc-update add #{@service} #{@runlevel}"
62
63
  DanarchyDeploy::Helpers.run_command(cmd, @options)
63
64
  end
64
65
 
65
66
  def disable
66
- cmd = "rc-update del #{@service} default"
67
- DanarchyDeploy::Helpers.run_command(cmd, @options)
67
+ Dir["/etc/runlevels/*/#{@service}"].each do |svc|
68
+ runlevel, service = svc.split('/')[3,4]
69
+ cmd = "rc-update del #{service} #{runlevel}"
70
+ DanarchyDeploy::Helpers.run_command(cmd, @options)
71
+ end
68
72
  end
69
73
  end
70
74
  end
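Review bot: `enable` now interpolates `@runlevel` as well as `@service` into the `rc-update` command string, and `disable` interpolates `@service` into a `Dir[]` glob, with neither value validated in the visible code. If the deployment data can come from a source less trusted than the account running the deploy, shell metacharacters in those fields reach the shell (assuming `run_command`, which is outside this diff, executes the string through one), and glob characters in `@service` widen the match under `/etc/runlevels`. Rejecting unexpected names in `initialize` closes both paths, e.g. `raise ArgumentError, "invalid service name" unless service.to_s.match?(/\A[\w.@-]+\z/)`, with the same check for a non-nil runlevel. In `disable`, `svc.split('/')[3,4]` means start 3, length 4, which only happens to return the two wanted elements; `[3, 2]` says what is meant.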
@@ -10,42 +10,52 @@ module DanarchyDeploy
10
10
 
11
11
  deployment[:services].each do |service, params|
12
12
  next if ! params[:init]
13
- orig_actions = params[:init]
14
- puts "\n > Init actions for #{service}: #{params[:init].join(', ')}"
15
- params[:init].each do |action|
16
- puts " |+ Taking action: #{action} on #{service}"
13
+ if params[:init].class == Array
14
+ # one-time update for :init to new format
15
+ params[:init] = if deployment[:os] == 'gentoo'
16
+ { runlevel: 'default', actions: params[:init] }
17
+ else
18
+ { actions: params[:init] }
19
+ end
20
+ end
21
+
22
+ init_manager(deployment[:os], service, params[:init][:runlevel], options)
23
+ puts "\n > Init actions for #{service}: #{params[:init][:actions].join(', ')}"
24
+ params[:init][:actions].each do |action|
25
+ puts " |> Taking action: #{action} on #{service}"
17
26
  if options[:pretend]
18
- puts " Fake run: #{action} #{service}"
27
+ puts " |- Fake run: #{action} #{service}"
19
28
  else
20
- init_manager(deployment[:os], service, action, options)
29
+ init_run(action)
21
30
  end
22
31
  end
23
-
24
- params[:init] = orig_actions
25
32
  end
26
33
 
27
34
  deployment
28
35
  end
29
36
 
30
- def self.init_manager(os, service, action, options)
31
- init = if os == 'gentoo'
32
- DanarchyDeploy::Services::Init::Openrc.new(service, options)
33
- else
34
- DanarchyDeploy::Services::Init::Systemd.new(service, options)
35
- end
37
+ private
38
+ def self.init_manager(os, service, runlevel='default', options)
39
+ @init = if os == 'gentoo'
40
+ DanarchyDeploy::Services::Init::Openrc.new(service, runlevel, options)
41
+ else
42
+ DanarchyDeploy::Services::Init::Systemd.new(service, options)
43
+ end
44
+ end
36
45
 
37
- init_result = init.send(action)
46
+ def self.init_run(action)
47
+ init_result = @init.send(action)
38
48
 
39
49
  if stderr = init_result[:stderr]
40
50
  if stderr.include?('unknown function')
41
- puts " ! Action: #{action} not available for service: #{service}.\n" +
51
+ puts " ! Action: #{action} not available for service.\n" +
42
52
  " ! A restart may be needed! Otherwise, remove this action from the deployment.\n" +
43
53
  " ! Not taking any action here.\n"
44
54
  else
45
- abort(" ! Action: #{action} #{service} failed!")
55
+ abort(" ! Action: #{action} failed!")
46
56
  end
47
57
  else
48
- puts " |+ Action: #{action} #{service} succeeded."
58
+ puts " |+ Action: #{action} succeeded."
49
59
  end
50
60
  end
51
61
  end
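Review bot: `init_run` dispatches with `@init.send(action)`, where `action` is a string taken from the deployment's `:actions` list, and `send` will call any method on the object, including private ones inherited from `Kernel`. Check the action against an explicit list of the actions the init classes are meant to expose and dispatch with `public_send`, e.g. `abort(" ! Unknown init action: #{action}") unless ALLOWED_ACTIONS.include?(action.to_s)` (a new constant) followed by `@init.public_send(action)`. Separately, the `runlevel='default'` default in `init_manager` never applies because the caller always passes `params[:init][:runlevel]`, so a hash-style `:init` without `:runlevel` on Gentoo reaches `rc-update add` with an empty runlevel; `runlevel ||= 'default'` inside the method would cover that. `private` also has no effect on `def self.` methods; `private_class_method` is the form that applies here.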
@@ -10,7 +10,6 @@ module DanarchyDeploy
10
10
  puts "\n" + self.name
11
11
 
12
12
  deployment[:services].each do |service, params|
13
- next if service == :init
14
13
  puts "\nConfiguring service: #{service}"
15
14
 
16
15
  if params[:archives] && !params[:archives].empty?
@@ -6,12 +6,19 @@ module DanarchyDeploy
6
6
  puts "\n" + self.name
7
7
  puts "#{deployment[:os].capitalize} detected! Using yum."
8
8
  # needs more testing
9
+
10
+ set_hostname(deployment[:hostname]) if !options[:pretend]
9
11
  installer = 'yum install -y '
10
12
  updater = 'yum upgrade -y'
11
13
  cleaner = 'yum clean all'
12
14
 
13
15
  [installer, updater, cleaner]
14
16
  end
17
+
18
+ private
19
+ def set_hostname(hostname)
20
+ `hostnamectl hostname #{hostname}`
21
+ end
15
22
  end
16
23
  end
17
24
  end
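Review bot: The new `set_hostname` runs `hostnamectl hostname #{hostname}` through backticks, so the deployment's `:hostname` value is parsed by a shell and the command's exit status is discarded. The argv form avoids both, e.g. `system('hostnamectl', 'hostname', hostname.to_s) || abort(" ! Failed to set hostname")`. The helper is also declared as an instance method (`def set_hostname`) while the Gentoo counterpart is `def self.set_hostname`; if the caller, whose definition starts outside this hunk, is a class method as `self.name` suggests, the call raises NoMethodError and the helper needs `def self.set_hostname`. The same three lines are added in debian.rb and opensuse.rb and the same points apply there. Hosts with an older systemd may only accept the `set-hostname` verb, which is worth confirming for the supported CentOS releases.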
@@ -7,6 +7,7 @@ module DanarchyDeploy
7
7
  puts "\n" + self.name
8
8
  puts "#{deployment[:os].capitalize} detected! Using apt."
9
9
 
10
+ set_hostname(deployment[:hostname]) if !options[:pretend]
10
11
  if deployment[:apt]
11
12
  if deployment[:apt][:templates]
12
13
  puts "\nChecking Apt configs."
@@ -56,6 +57,11 @@ module DanarchyDeploy
56
57
  end
57
58
  end
58
59
  end
60
+
61
+ private
62
+ def set_hostname(hostname)
63
+ `hostnamectl hostname #{hostname}`
64
+ end
59
65
  end
60
66
  end
61
67
  end
@@ -6,12 +6,7 @@ module DanarchyDeploy
6
6
  puts "\n" + self.name
7
7
  puts 'Gentoo detected! Using emerge.'
8
8
 
9
- hostname = deployment[:hostname]
10
- if check_hostname(hostname) == false
11
- puts "Setting hostname to: #{hostname}"
12
- set_hostname(hostname)
13
- end
14
-
9
+ set_hostname(deployment[:hostname]) if !options[:pretend]
15
10
  installer = 'emerge --usepkg --buildpkg --quiet --noreplace '
16
11
  # This needs cpuid2cpuflags to build make.conf; don't --pretend here.
17
12
  system("qlist -I cpuid2cpuflags &>/dev/null || #{installer} cpuid2cpuflags &>/dev/null")
@@ -23,43 +18,108 @@ module DanarchyDeploy
23
18
  cleaner = 'emerge --depclean --quiet '
24
19
  cleaner += '--pretend ' if options[:pretend]
25
20
 
21
+ if emerge_sync_in_progress
22
+ puts "\n > Waiting for emerge sync to complete."
23
+ emerge_sync_wait
24
+ end
25
+
26
26
  if deployment[:portage]
27
27
  if deployment[:portage][:templates]
28
28
  puts "\nChecking Portage configs."
29
29
  DanarchyDeploy::Templater.new(deployment[:portage][:templates], options)
30
30
  end
31
31
 
32
- emerge_sync(options) if deployment[:portage][:sync]
32
+ emerge_sync(deployment[:portage][:sync], options)
33
33
  end
34
34
 
35
35
  [installer, updater, cleaner]
36
36
  end
37
37
 
38
38
  private
39
+ def self.emerge_sync_in_progress
40
+ repo_path = `emerge --info | grep location`.chomp.split(': ').last
41
+ Dir.exist?(repo_path + '/.tmp-unverified-download-quarantine')
42
+ end
39
43
 
40
- def self.emerge_sync(options)
41
- File.open('/tmp/datetime', 'a+') do |f|
42
- last_sync = f.getbyte ? DateTime.parse(f.read) : (DateTime.now - 2)
43
-
44
- if (DateTime.now - last_sync).to_i != 0
45
- puts "\nUpdating Portage repo..."
46
- DanarchyDeploy::Helpers.run_command('emerge --sync --quiet 2>/dev/null', options)
47
- f.truncate(0)
48
- f.write DateTime.now
49
- end
44
+ def self.emerge_sync_wait
45
+ while emerge_sync_in_progress
46
+ sleep 3
47
+ end
48
+ puts " |> Continuing with emerge!"
49
+ end
50
50
 
51
- f.close
51
+ def self.emerge_sync(sync, options)
52
+ if sync.nil?
53
+ install_cron_template(sync, options)
54
+ elsif sync == false
55
+ puts "\nNot running emerge sync; set to: #{sync}"
56
+ install_cron_template(sync, options)
57
+ elsif sync == true
58
+ File.delete('/var/spool/cron/crontabs/portage') if File.exist?('/var/spool/cron/crontabs/portage')
59
+ DanarchyDeploy::Helpers.run_command('emerge --sync &>/var/log/emerge-sync.log', options)
60
+ elsif sync =~ /([0-9]{1,2}|\*|\@[a-z]{4,7})/i
61
+ install_cron_template(sync, options)
62
+ else
63
+ puts "\nUnknown sync cron time: #{sync}. Not running emerge sync!"
52
64
  end
53
65
  end
54
66
 
55
67
  def self.set_hostname(hostname)
56
- confd_hostname = "hostname=\"#{hostname}\""
57
- File.write('/etc/conf.d/hostname', confd_hostname)
58
- `hostname #{hostname}`
68
+ if `hostname`.chomp != hostname
69
+ puts "Setting hostname to: #{hostname}"
70
+ confd_hostname = "hostname=\"#{hostname}\""
71
+ File.write('/etc/conf.d/hostname', confd_hostname)
72
+ `hostname #{hostname}`
73
+ end
59
74
  end
60
75
 
61
- def self.check_hostname(hostname)
62
- `hostname`.chomp == hostname
76
+ def self.install_cron_template(sync, options)
77
+ templates = if sync.nil? || sync == false
78
+ [
79
+ {
80
+ target: '/var/spool/cron/crontabs/portage',
81
+ remove: true
82
+ }
83
+ ]
84
+ else
85
+ [
86
+ {
87
+ source: 'builtin::system/crontab.erb',
88
+ target: '/var/spool/cron/crontabs/portage',
89
+ dir_perms: {
90
+ owner: 'root',
91
+ group: 'crontab',
92
+ mode: '1730'
93
+ },
94
+ file_perms: {
95
+ owner: 'portage',
96
+ group: 'crontab',
97
+ mode: '0600'
98
+ },
99
+ variables: {
100
+ shell: '/bin/bash',
101
+ path: '/usr/local/sbin:/usr/local/bin:/usr/bin',
102
+ env: '',
103
+ jobs: [
104
+ {
105
+ schedule: sync,
106
+ command: 'emerge --sync &>/var/log/emerge-sync.log'
107
+ },
108
+ {
109
+ schedule: '@daily',
110
+ command: 'eclean-dist &>/dev/null'
111
+ },
112
+ {
113
+ schedule: '@daily',
114
+ command: 'eclean-pkg &>/dev/null'
115
+ }
116
+ ]
117
+ }
118
+ }
119
+ ]
120
+ end
121
+
122
+ DanarchyDeploy::Templater.new(templates, options)
63
123
  end
64
124
  end
65
125
  end
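Review bot: The `sync =~ /([0-9]{1,2}|\*|\@[a-z]{4,7})/i` branch in `emerge_sync` is unanchored, so any string that merely contains a digit, `*` or `@word` is accepted and handed to `builtin::system/crontab.erb` as the schedule for the `portage` crontab; a value with embedded newlines or trailing text would presumably be written into that file as extra content (the template's rendering is not visible here). Anchor the check and match the whole schedule, e.g. `elsif sync.is_a?(String) && sync.match?(/\A(?:@[a-z]{4,7}|[0-9*\/,-]+(?: [0-9*\/,-]+){4})\z/i)`, extending the character class if named months or weekdays are needed. The `sync == true` branch also deletes `/var/spool/cron/crontabs/portage` even when `options[:pretend]` is set; guard it with `unless options[:pretend]`. `emerge_sync_wait` polls with no timeout, so a stale `.tmp-unverified-download-quarantine` directory blocks the deploy indefinitely, and `emerge_sync_in_progress` raises on `nil + String` if the `emerge --info | grep location` output is empty.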
@@ -6,6 +6,7 @@ module DanarchyDeploy
6
6
  puts "\n" + self.name
7
7
  puts "#{deployment[:os].capitalize} detected! Using zypper."
8
8
 
9
+ set_hostname(deployment[:hostname]) if !options[:pretend]
9
10
  puts "Updating zypper repositories..."
10
11
  DanarchyDeploy::Helpers.run_command('sudo zypper refresh', options)
11
12
 
@@ -17,6 +18,11 @@ module DanarchyDeploy
17
18
 
18
19
  [installer, updater, cleaner]
19
20
  end
21
+
22
+ private
23
+ def set_hostname(hostname)
24
+ `hostnamectl hostname #{hostname}`
25
+ end
20
26
  end
21
27
  end
22
28
  end
@@ -3,7 +3,7 @@ require_relative 'system/debian'
3
3
  require_relative 'system/gentoo'
4
4
  require_relative 'system/opensuse'
5
5
 
6
- require_relative 'system/cryptsetup'
6
+ # require_relative 'system/cryptsetup'
7
7
  require_relative 'system/fstab'
8
8
 
9
9
  module DanarchyDeploy
@@ -13,10 +13,11 @@ module DanarchyDeploy
13
13
  puts "\n" + self.name
14
14
 
15
15
  installer, updater, cleaner = prep_operating_system(deployment, options)
16
- install_result = nil
16
+ install_result, updater_result = nil, nil
17
17
 
18
18
  puts "\n > Package Installation"
19
- if deployment[:packages].any? && ['all', 'packages', nil].include?(deployment[:system][:update])
19
+ if [true, 'all', 'selected', nil].include?(deployment[:system][:update]) &&
20
+ deployment[:packages].any?
20
21
  packages = deployment[:packages].join(' ')
21
22
  puts "\n - Installing packages..."
22
23
  install_result = DanarchyDeploy::Helpers.run_command("#{installer} #{packages}", options)
@@ -28,18 +29,21 @@ module DanarchyDeploy
28
29
  end
29
30
 
30
31
  puts "\n > #{deployment[:os].capitalize} System Updates"
31
- if ['all', 'system', nil].include?(deployment[:system][:update])
32
+ if [true, 'all', 'system', nil].include?(deployment[:system][:update])
32
33
  puts "\n - Running system updates..."
33
34
  updater_result = DanarchyDeploy::Helpers.run_command(updater, options)
34
35
  puts updater_result[:stdout] if updater_result[:stdout]
35
- puts "\n - Cleaning up unused packages..."
36
- cleanup_result = DanarchyDeploy::Helpers.run_command(cleaner, options)
37
- puts cleanup_result[:stdout] if cleanup_result[:stdout]
38
36
  else
39
37
  puts "\n - Not running #{deployment[:os].capitalize} system updates."
40
38
  puts " |_ Updates selected: #{deployment[:system][:update]}"
41
39
  end
42
40
 
41
+ if install_result || updater_result
42
+ puts "\n - Cleaning up unused packages..."
43
+ cleanup_result = DanarchyDeploy::Helpers.run_command(cleaner, options)
44
+ puts cleanup_result[:stdout] if cleanup_result[:stdout]
45
+ end
46
+
43
47
  deployment
44
48
  end
45
49
 
@@ -59,7 +63,8 @@ module DanarchyDeploy
59
63
  DanarchyDeploy::Templater.new(deployment[:system][:templates], options)
60
64
  end
61
65
 
62
- DanarchyDeploy::System::Cryptsetup.new(deployment[:os], deployment[:system][:cryptsetup], options)
66
+ # Disabled due to Init changes; re-writing and splitting LVM/CryptSetup
67
+ # DanarchyDeploy::System::Cryptsetup.new(deployment[:os], deployment[:system][:cryptsetup], options)
63
68
 
64
69
  if deployment[:system][:fstab]
65
70
  DanarchyDeploy::System::Fstab.new(deployment[:os], deployment[:system][:fstab], options)
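Review bot: With the `Cryptsetup.new` call commented out, a deployment that still carries `deployment[:system][:cryptsetup]` now completes without setting up its encrypted volumes and without saying so. A one-line warning where the call used to be would make that visible, e.g. `puts " ! :cryptsetup is configured but currently disabled; skipping." if deployment[:system][:cryptsetup]`. In the package-installation condition, `'packages'` was replaced by `'selected'`, so an existing `update: 'packages'` setting now silently skips installation as well; accepting both values for a release, or warning on the old one, would avoid that. The enclosing methods start and end outside these hunks.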
@@ -95,13 +95,12 @@ module DanarchyDeploy
95
95
  chmod = nil
96
96
  puts "\n > Verifying ownership and permissions for '#{target}'"
97
97
  if perms
98
- puts " |+ Setting file mode to: #{perms[:mode]}"
99
98
  (owner, group, mode) = perms[:owner], perms[:group], perms[:mode]
100
99
  else
101
100
  if File.stat(target).mode & 07777 == '0777'.to_i(8)
102
101
  puts " ! '#{target}' has 0777 permissions! Setting those to something more sane."
103
102
  if File.ftype(target) == 'directory'
104
- puts " |+ Setting file mode to: 0775"
103
+ puts " |+ Setting directory mode to: 0775"
105
104
  chmod = File.chmod(0775, target) ? true : false if !options[:pretend]
106
105
  elsif File.ftype(target) == 'file'
107
106
  puts " |+ Setting file mode to: 0644"
@@ -8,6 +8,7 @@ module DanarchyDeploy
8
8
 
9
9
  deployment[:users].each do |username, user|
10
10
  user[:username] = username.to_s
11
+ user[:home] ||= '/home/' + username.to_s
11
12
  puts "\n > Checking if user '#{user[:username]}' already exists."
12
13
  usercheck_result = usercheck(user, options)
13
14
 
@@ -15,8 +16,8 @@ module DanarchyDeploy
15
16
  puts " - User: #{user[:username]} already exists!"
16
17
  else
17
18
  group = { groupname: user[:username] }
18
- group[:gid] = user[:gid] ? user[:gid] : nil
19
- group[:system] = user[:system] ? user[:system] : nil
19
+ group[:gid] = user[:gid] || nil
20
+ group[:system] = user[:system] || nil
20
21
 
21
22
  groupcheck_result = DanarchyDeploy::Groups.groupcheck(group, options)
22
23
  if !groupcheck_result[:stdout] && group[:gid]
@@ -40,12 +41,12 @@ module DanarchyDeploy
40
41
 
41
42
  if user[:authorized_keys]
42
43
  puts "\n > Checking on #{user[:authorized_keys].count} authorized_keys for user: #{user[:username]}"
43
- authorized_keys(user)
44
+ authorized_keys(user, options)
44
45
  end
45
46
 
46
47
  if user[:sudoer]
47
48
  puts "\n > Checking sudo rules for user: #{user[:username]}"
48
- sudoer(user)
49
+ sudoer(user, options)
49
50
  end
50
51
  end
51
52
 
@@ -63,13 +64,13 @@ module DanarchyDeploy
63
64
  private
64
65
  def self.useradd(user, options)
65
66
  useradd_cmd = "useradd #{user[:username]} "
66
- useradd_cmd += "--home-dir #{user[:home]} " if user[:home]
67
- useradd_cmd += "--create-home " if !Dir.exist?(user[:home])
68
- useradd_cmd += "--uid #{user[:uid]} " if user[:uid]
69
- useradd_cmd += "--gid #{user[:gid]} " if user[:gid]
67
+ useradd_cmd += "--home-dir #{user[:home]} " if user[:home]
68
+ useradd_cmd += "--create-home " if ! Dir.exist?(user[:home])
69
+ useradd_cmd += "--uid #{user[:uid]} " if user[:uid]
70
+ useradd_cmd += "--gid #{user[:gid]} " if user[:gid]
70
71
  useradd_cmd += "--groups #{user[:groups].join(',')} " if user[:groups]
71
- useradd_cmd += "--shell /sbin/nologin " if user[:nologin]
72
- useradd_cmd += "--system " if user[:system]
72
+ useradd_cmd += "--shell /sbin/nologin " if user[:nologin]
73
+ useradd_cmd += "--system " if user[:system]
73
74
  DanarchyDeploy::Helpers.run_command(useradd_cmd, options)
74
75
  end
75
76
 
@@ -111,40 +112,47 @@ module DanarchyDeploy
111
112
  DanarchyDeploy::Helpers.run_command(removegroup_cmd, options)
112
113
  end
113
114
 
114
- def self.authorized_keys(user)
115
- ssh_path = user[:home] + '/.ssh'
116
- authkeys = ssh_path + '/authorized_keys'
117
-
118
- Dir.exist?(ssh_path) || Dir.mkdir(ssh_path, 0700)
119
- File.chown(user[:uid], user[:gid], ssh_path)
120
- File.open(authkeys, 'a+') do |f|
121
- contents = f.read
122
- user[:authorized_keys].each do |authkey|
123
- if contents.include?(authkey)
124
- puts " - Key already in place: #{authkey}"
125
- else
126
- puts " + Adding authorized_key: #{authkey}"
127
- f.puts authkey
128
- end
129
- end
130
-
131
- f.chown(user[:uid], user[:gid])
132
- f.close
133
- end
115
+ def self.authorized_keys(user, options)
116
+ templates = [
117
+ {
118
+ source: 'builtin::system/authorized_keys.erb',
119
+ target: user[:home] + '/.ssh/authorized_keys',
120
+ dir_perms: {
121
+ owner: user[:username],
122
+ group: user[:username],
123
+ mode: '0700'
124
+ },
125
+ file_perms: {
126
+ owner: user[:username],
127
+ group: user[:username],
128
+ mode: '0644'
129
+ },
130
+ variables: {
131
+ authorized_keys: user[:authorized_keys]
132
+ }
133
+ }
134
+ ]
135
+
136
+ DanarchyDeploy::Templater.new(templates, options)
134
137
  end
135
138
 
136
- def self.sudoer(user)
137
- sudoer_file = '/etc/sudoers.d/danarchy_deploy-' + user[:username]
138
- File.open(sudoer_file, 'a+') do |f|
139
- if !f.read.include?(user[:sudoer])
140
- puts " |+ Added: '#{user[:sudoer]}'"
141
- f.puts user[:sudoer]
142
- else
143
- puts ' - No change needed'
144
- end
145
-
146
- f.close
147
- end
139
+ def self.sudoer(user, options)
140
+ templates = [
141
+ {
142
+ source: 'builtin::system/sudoers.erb',
143
+ target: '/etc/sudoers.d/danarchy_deploy-' + user[:username],
144
+ file_perms: {
145
+ owner: 'root',
146
+ group: 'root',
147
+ mode: '0440'
148
+ },
149
+ variables: {
150
+ rules: user[:sudoer]
151
+ }
152
+ }
153
+ ]
154
+
155
+ DanarchyDeploy::Templater.new(templates, options)
148
156
  end
149
157
  end
150
158
  end
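Review bot: `sudoer` installs the rendered rules straight into `/etc/sudoers.d/` with nothing checking their syntax, and a malformed drop-in makes sudo refuse to run for every user, which matters more now that the changelog says the deploy itself relies on `sudo -i`. Validate the rendered file before it becomes live, for example by running `visudo -cf` on it and aborting on a non-zero exit; whether Templater offers a hook for that is not visible here. sudo also skips drop-in files whose names contain a `.` or end in `~`, so a username such as `first.last` yields a rules file that is silently ignored. In `authorized_keys`, `mode: '0644'` leaves the key list world-readable where `mode: '0600'` is enough for sshd. Because the file is now rendered from the template rather than appended to, keys present on the host but absent from the deployment are presumably removed on the next run, which is worth stating in the changelog.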
@@ -1,3 +1,3 @@
1
1
  module DanarchyDeploy
2
- VERSION = "0.2.7"
2
+ VERSION = "0.2.8"
3
3
  end